# Sip Security

- [DVRTC v0.2.0: pbx2 and SIP SQL injection](/blog/dvrtc-v0-2-0-adds-pbx2-and-sql-injection.md) (2026-04-21)
- [SIPVicious tutorial: testing VoIP security with DVRTC](/blog/sipvicious-tutorial-voip-security-testing-with-dvrtc.md) (2026-04-13)
- [Introducing DVRTC: a vulnerable lab for RTC security](/blog/introducing-dvrtc-damn-vulnerable-real-time-communications.md) (2026-03-27)
- [VoIP Eavesdropping: How it Works, Threats & Defense Tactics ](/blog/voip-eavesdropping-defense.md) (2025-10-09)
- [Rtpengine RTP Injection and Media Bleed Vulnerabilities (CVE-2025-53399)](/blog/rtpengine-critical-security-advisory-cve-2025-53399.md) (2025-07-31)
- [OpenSIPS Security Audit Report is fully disclosed and out there](/blog/opensips-security-audit-report.md) (2023-03-17)
- [SIPVicious PRO incremental update - and Gitlab CI/CD examples](/blog/sipvicious-pro-with-various-fixes-and-gitlab-ci.md) (2023-03-07)
- [SIPVicious PRO experimental now supports STIR/SHAKEN and 5 new tools](/blog/sipviciouspro-with-stir-shaken-support-and-new-tools.md) (2022-07-06)
- [Abusing SIP for Cross-Site Scripting? Most definitely!](/blog/sip-exploitation-for-xss.md) (2021-06-10)
- [SIPVicious OSS v0.3.4 released with exit codes and automation features](/blog/sipvicious-oss-0.3.4-released-with-exit-codes.md) (2021-06-02)
- [DEMO - An overview of the VoIP and RTC offensive security toolset, SIPVicious PRO](/blog/an-overview-of-the-voip-and-rtc-offensive-security-toolset-sipvicious-pro.md) (2021-05-25)
- [SIPVicious PRO 6.0.0-beta.4 getting close to take-off!](/blog/sipvicious-pro-release-6-beta-4.md) (2021-05-20)
- [TADSummit Asia 2021 talk about SIPVicious Pro and the Demo Server](/blog/tadsummit-asia-2021-introducing-sipvicious-pro-and-the-demo-server.md) (2021-05-18)
- [SIPVicious OSS 0.3.3 released with new STDIN and target URL specification](/blog/sipvicious-oss-0.3.3-released-stdin-target-urls.md) (2021-03-25)
- [Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution](/blog/buffer-overflow-discovery-to-rce-in-voipmonitor.md) (2021-03-16)
- [SIPVicious OSS 0.3.2 released with more IPv6 goodness!](/blog/sipvicious-oss-0.3.2-released-more-ipv6.md) (2021-03-03)
- [SIPVicious PRO 6.0.0-beta.2 takes STDIN and fixes various bugs](/blog/sipvicious-pro-release-6-beta-2.md) (2021-02-09)
- [Bug discovery diaries: uncovering sngrep overflow issues with blackbox fuzzing](/blog/discovering-sngrep-overflow-with-fuzzing.md) (2021-01-05)
- [SIPVicious PRO beta release contains SIP fuzzer and better automation](/blog/sipvicious-pro-beta-with-fuzzer-and-better-ci-cd-integration.md) (2020-12-03)
- [How doing QA testing for SIPVicious PRO led to an Asterisk DoS](/blog/asterisk-tcp-crash.md) (2020-11-10)
- [ClueCon Weekly with Sandro Gauci, demonstration of SIP Digest Leak](/blog/cluecon-weekly-sip-digest-leak-demo.md) (2020-10-16)
- [The great Kamailio security debate and some misconceptions debunked](/blog/kamailio-security-debate-and-misconceptions.md) (2020-09-22)
- [Smuggling SIP headers past Session Border Controllers FTW!](/blog/smuggling-sip-headers-past-sbc.md) (2020-09-01)
- [Kamailio World Online SIP and VoIP Security Panel](/blog/kamailio-world-online-sip-and-voip-security-panel.md) (2020-08-27)
- [Attacking a real VoIP System with SIPVicious OSS](/blog/attacking-real-voip-system-with-sipvicious-oss.md) (2020-06-08)
- [A gentle introduction to caller ID spoofing](/blog/an-introduction-to-caller-id-spoofing.md) (2020-05-07)
- [If SIPVicious gives you a ring...](/blog/if-sipvicious-gives-you-ring.md) (2012-12-10)